Posts Tagged ‘file format’

Carberp + BlackHole = growing fraud incidents

Dec

2011

In recent years there has been a tremendous increase in the Russian region in the number of sites redirecting users to the Black Hole exploit kit. In most cases, successful exploitation of a vulnerability in client software leads to the installation onto the victim’s machine of either the trojan Win32/TrojanDownloader.Carberp or or of Win32/Carberp (the […]

Category General Written by ESET ThreatBlog 0 Comments

Win32/Duqu analysis: the RPC edition

Oct

2011

My Russian colleagues Aleksandr Matrosov and Eugene Rodionov have found some time to do some more analysis on Win32/Duqu. (Don’t you guys sleep?) In the previous post (http://blog.eset.com/2011/10/25/win32duqu-it%e2%80%99s-a-date) they concentrated on analyzing the Duqu configuration file format and extracting the exact date on which the system was infected. This time they investigated Duqu’s RPC (Remote […]

Category General Written by ESET ThreatBlog 0 Comments

Targeted malware attack shows how Fast Fingerprinting works

Oct

2011

Last week, I was working a shift in SophosLabs triaging customer submissions, and found myself updating detection for the Troj/DocDrop-S Trojan horse. Keen readers will remember that I have talked about the Troj/DocDrop-S malware before, in relation to the presentation that Stephen Edwards and I gave at the recent Virus Bulletin conference in Barcelona. The […]

Category General Written by Naked Security - Sophos 0 Comments

The Latest in IT Security

Posts Tagged ‘file format’

Carberp + BlackHole = growing fraud incidents

Win32/Duqu analysis: the RPC edition

Targeted malware attack shows how Fast Fingerprinting works

Categories

Featured

Archives

Latest Comments

About Us

Contact Us